OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 19-May-2004 22:03:13
Branch: OPENPKG_2_0_SOLID Handle: 2004051921031200
Modified files: (Branch: OPENPKG_2_0_SOLID)
openpkg-src/neon neon.patch neon.spec
Log:
apply security fix (OpenPKG-SA-2004.024-neon, CAN-2004-0398)
Summary:
Revision Changes Path
1.1.6.2 +46 -0 openpkg-src/neon/neon.patch
1.40.2.3 +1 -1 openpkg-src/neon/neon.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/neon/neon.patch
============================================================================
$ cvs diff -u -r1.1.6.1 -r1.1.6.2 neon.patch
--- openpkg-src/neon/neon.patch 16 Apr 2004 14:08:21 -0000 1.1.6.1
+++ openpkg-src/neon/neon.patch 19 May 2004 20:03:12 -0000 1.1.6.2
@@ -1,3 +1,5 @@
+Security Fix
+
diff -Nau src/ne_207.c.orig src/ne_207.c
--- src/ne_207.c.orig 2003-07-23 23:48:21.000000000 +0200
+++ src/ne_207.c 2004-04-16 14:47:53.000000000 +0200
@@ -140,3 +142,47 @@
T(NULL)
};
+-----------------------------------------------------------------------------
+
+Security Fix
+OpenPKG-SA-2004.024-neon, CAN-2004-0398
+
+Index: src/ne_dates.c
+--- src/ne_dates.c 2 May 2004 16:00:35 -0000 1.28.2.1
++++ src/ne_dates.c 2 May 2004 18:21:53 -0000
+@@ -47,7 +47,7 @@
+ /* RFC1123: Sun, 06 Nov 1994 08:49:37 GMT */
+ #define RFC1123_FORMAT "%3s, %02d %3s %4d %02d:%02d:%02d GMT"
+ /* RFC850: Sunday, 06-Nov-94 08:49:37 GMT */
+-#define RFC1036_FORMAT "%s %2d-%3s-%2d %2d:%2d:%2d GMT"
++#define RFC1036_FORMAT "%10s %2d-%3s-%2d %2d:%2d:%2d GMT"
+ /* asctime: Wed Jun 30 21:49:08 1993 */
+ #define ASCTIME_FORMAT "%3s %3s %2d %2d:%2d:%2d %4d"
+
+@@ -133,7 +133,7 @@
+ time_t ne_rfc1123_parse(const char *date)
+ {
+ struct tm gmt = {0};
+- static char wkday[4], mon[4];
++ char wkday[4], mon[4];
+ int n;
+ /* it goes: Sun, 06 Nov 1994 08:49:37 GMT */
+ n = sscanf(date, RFC1123_FORMAT,
+@@ -156,7 +156,7 @@
+ {
+ struct tm gmt = {0};
+ int n;
+- static char wkday[10], mon[4];
++ char wkday[11], mon[4];
+ /* RFC850/1036 style dates: Sunday, 06-Nov-94 08:49:37 GMT */
+ n = sscanf(date, RFC1036_FORMAT,
+ wkday, &gmt.tm_mday, mon, &gmt.tm_year,
+@@ -189,7 +189,7 @@
+ {
+ struct tm gmt = {0};
+ int n;
+- static char wkday[4], mon[4];
++ char wkday[4], mon[4];
+ n = sscanf(date, ASCTIME_FORMAT,
+ wkday, mon, &gmt.tm_mday,
+ &gmt.tm_hour, &gmt.tm_min, &gmt.tm_sec,
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/neon/neon.spec
============================================================================
$ cvs diff -u -r1.40.2.2 -r1.40.2.3 neon.spec
--- openpkg-src/neon/neon.spec 16 Apr 2004 14:08:21 -0000 1.40.2.2
+++ openpkg-src/neon/neon.spec 19 May 2004 20:03:12 -0000 1.40.2.3
@@ -34,7 +34,7 @@
Group: Web
License: LGPL
Version: 0.24.4
-Release: 2.0.1
+Release: 2.0.2
# list of sources
Source0: http://www.webdav.org/neon/neon-%{version}.tar.gz
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]
